Legal claims defining the scope of protection, as filed with the USPTO.
1. A system for initiating establishment of a connection, the system comprising: a device intermediary between a client and a server, the device configured to: determine at least one server name indicator (SNI) for an application executing on the client and having a secure session established with the server; determine, for each domain name corresponding to the at least one SNI, a session timeout value for the corresponding domain name; and send a message to the client according to each session timeout value, to cause the client to initiate establishment of a connection for the corresponding domain name using the secure session.
2. The system of claim 1 , wherein the secure session comprises a secure socket layer (SSL) session, and the message comprises a server-sent event (SSE) message.
3. The system of claim 1 , wherein the application is configured to access a software as a service (SaaS) based resource of the server.
4. The system of claim 1 , wherein the device is configured to determine the at least one SNI using historical data of a user of the application accessing one or more resources of the server.
5. The system of claim 1 , wherein the device is configured to determine the at least one SNI according to access granted to a user of the application, to one or more resources of the server.
6. The system of claim 5 , wherein the access is granted according to role-base access control (RBAC).
7. The system of claim 1 , wherein the device is configured to determine the session timeout values using at least one of: a session timeout parameter of the device or a session timeout parameter of the application.
8. The system of claim 1 , wherein if the application comprises a browser, determining a first session timeout value according to a frequency or interval of client hello messages from the application, when a session timeout parameter of the device is larger in value than that of a session timeout parameter of the application.
9. The system of claim 1 , wherein if the application comprises a browser, determining a first session timeout value according to a session timeout parameter of the device, when a session timeout parameter of the device is smaller in value than that of a session timeout parameter of the application.
10. The system of claim 1 , wherein the secured session is established for the application to access a webpage of the server, and the webpage has a link associated with a first domain name, and the device is further configured to: send a first message to the client to cause the client to initiate establishment of a first connection for the first domain name using the secure session; determine a first session timeout value for the first domain name, and send a second message to the client according to the first session timeout value, to cause the client to initiate establishment of a second connection for the first domain name using the secure session.
11. A method for initiating establishment of a connection, the method comprising: determining, by a device intermediary between a client and a server, at least one server name indicator (SNI) for an application executing on the client and having a secure session established with the server; determining, by the device for each domain name corresponding to the at least one SNI, a session timeout value for the corresponding domain name; and sending, by the device, a message to the client according to each of the determined session timeout values, to cause the client to initiate establishment of a connection for the corresponding domain name using the secure session.
12. The method of claim 11 , wherein the secure session comprises a secure socket layer (SSL) session, and the message comprises a server-sent event (SSE) message.
13. The method of claim 11 , wherein the application is configured to access a software as a service (SaaS) based resource of the server.
14. The method of claim 11 , further comprising determining the at least one SNI using historical data of a user of the application accessing one or more resources of the server.
15. The method of claim 11 , further comprising determining the at least one SNI according to access granted to a user of the application, to one or more resources of the server.
16. The method of claim 15 , wherein the access is granted according to role-base access control (RBAC).
17. The method of claim 11 , further comprising determining the session timeout values using at least one of: a session timeout parameter of the device or a session timeout parameter of the application.
18. The method of claim 11 , wherein if the application comprises a browser, the method further comprises determining a first session timeout value according to a frequency or interval of client hello messages from the application, when a session timeout parameter of the device is larger in value than that of a session timeout parameter of the application.
19. The method of claim 11 , wherein if the application comprises a browser, the method further comprises determining a first session timeout value according to a session timeout parameter of the device, when a session timeout parameter of the device is smaller in value than that of a session timeout parameter of the application.
20. The method of claim 11 , wherein the secured session is established for the application to access a webpage of the server, and the webpage has a link associated with a first domain name, the method further comprising: sending a first message to the client to cause the client to initiate establishment of a first connection for the first domain name using the secure session; determining a first session timeout value for the first domain name, and sending a second message to the client according to the first session timeout value, to cause the client to initiate establishment of a second connection for the first domain name using the secure session.
Unknown
July 21, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.